From daf6b8b2125f9676644a43e91b17df8fd09b68ac Mon Sep 17 00:00:00 2001
From: Philip Prindeville <philipp@redfish-solutions.com>
Date: Fri, 29 Oct 2021 18:21:07 -0600
Subject: [PATCH] bind: created /var/run/named directory

Side-effect of dropping capabilities(7) with last commit is now we
need the `/var/run/named/` directory created for us at startup.

Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
---
 net/bind/files/named.init | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/net/bind/files/named.init b/net/bind/files/named.init
index 1a7683704..bb13c5f5f 100644
--- a/net/bind/files/named.init
+++ b/net/bind/files/named.init
@@ -21,7 +21,6 @@ dyndir=/tmp/bind
 
 conf_local_file=$dyndir/named.conf.local
 
-
 fix_perms() {
     for dir in $libdir $logdir $cachedir $dyndir; do
 	test -e "$dir" || {
@@ -41,6 +40,13 @@ start_service() {
     group_exists bind 57 || group_add bind 57
     fix_perms
 
+    local runnamed=$(dirname $pid_file)
+    # with dropped privileges, we need this created for us
+    [ -d $runnamed ] || {
+	mkdir -m 0755 $runnamed
+	chown bind.bind $runnamed
+    }
+
     rndc-confgen > $rndc_temp
 
     sed -r -n \